Sign-up

ID

VAR-200107-0090


CVE

CVE-2001-1303


TITLE

Check Point Firewall-1 SecureRemote Network Information Disclosure Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200107-113

DESCRIPTION

The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication. SecureRemote is the proprietary VPN infrastructure designed by Check Point Software, and included with some versions of Firewall-1

Trust: 1.26

sources: NVD: CVE-2001-1303 // BID: 3058 // VULHUB: VHN-4108

AFFECTED PRODUCTS

vendor:checkpointmodel:firewall-1scope:eqversion:4.0

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:4.1

Trust: 1.6

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

sources: BID: 3058 // CNNVD: CNNVD-200107-113 // NVD: CVE-2001-1303

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-1303
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200107-113
value: MEDIUM

Trust: 0.6

VULHUB: VHN-4108
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2001-1303
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-4108
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-4108 // CNNVD: CNNVD-200107-113 // NVD: CVE-2001-1303

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1303

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200107-113

TYPE

Configuration Error

Trust: 0.9

sources: BID: 3058 // CNNVD: CNNVD-200107-113

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-4108

EXTERNAL IDS
db:BIDid:3058
Trust: 2.0
db:NVDid:CVE-2001-1303
Trust: 1.7
db:OSVDBid:588
Trust: 1.7
db:CNNVDid:CNNVD-200107-113
Trust: 0.7
db:BUGTRAQid:20010718 FIREWALL-1 INFORMATION LEAK
Trust: 0.6
db:XFid:6857
Trust: 0.6
db:XFid:1
Trust: 0.6
db:EXPLOIT-DBid:21015
Trust: 0.1
db:VULHUBid:VHN-4108
Trust: 0.1
sources:
            
            
            VULHUB: VHN-4108 // 
            
            
            
            BID: 3058 // 
            
            
            
            CNNVD: CNNVD-200107-113 // 
            
            
            
            NVD: CVE-2001-1303

REFERENCES
url:http://www.securityfocus.com/bid/3058
Trust: 1.7
url:http://www.securityfocus.com/archive/1/197566
Trust: 1.7
url:http://www.osvdb.org/588
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/6857
Trust: 1.1
url:http://xforce.iss.net/static/6857.php
Trust: 0.6
sources:
            
            
            VULHUB: VHN-4108 // 
            
            
            
            CNNVD: CNNVD-200107-113 // 
            
            
            
            NVD: CVE-2001-1303

CREDITS
Haroon Meer※ haroon@sensepost.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200107-113

SOURCES
db:VULHUBid:VHN-4108
db:BIDid:3058
db:CNNVDid:CNNVD-200107-113
db:NVDid:CVE-2001-1303

LAST UPDATE DATE
2024-08-14T12:45:05.557000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-4108date:2017-10-10T00:00:00
db:BIDid:3058date:2001-07-18T00:00:00
db:CNNVDid:CNNVD-200107-113date:2005-05-02T00:00:00
db:NVDid:CVE-2001-1303date:2017-10-10T01:30:02.187

SOURCES RELEASE DATE
db:VULHUBid:VHN-4108date:2001-07-18T00:00:00
db:BIDid:3058date:2001-07-18T00:00:00
db:CNNVDid:CNNVD-200107-113date:2001-07-18T00:00:00
db:NVDid:CVE-2001-1303date:2001-07-18T04:00:00